NCTU Computer Center Mpd Configuration Guide
"Learn about the Mpd implementation of the multi-link PPP protocol at NCTU's Computer Center. Explore setup instructions, authentication steps, configuration details, and more. Get insights into creating bundles, setting up links, and configuring startup sections for efficient networking."
Uploaded on | 0 Views
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
MPD Multi-link PPP daemon zswu
Computer Center, CS, NCTU mpd Mpd is a netgraph(4) based implementation of the multi-link PPP protocol for FreeBSD /usr/ports/net/mpd5 pkg install mpd5 It supports several of the numerous PPP sub-protocols and extensions, such as: Multi-link PPP capability PAP, CHAP, MS-CHAP and EAP authentication PPP compression and encryption Mpd have support for many link types: Serial port modem Point-to-Point Tunnelling Protocol (PPTP) Layer Two Tunnelling Protocol (L2TP) PPP over Ethernet (PPPoE) 2
Computer Center, CS, NCTU mpd - setup /etc/rc.conf gateway_enable="YES" mpd_flags="-b" mpd_enable="YES" Configuration files /usr/local/etc/mpd5/ mpd.conf mpd.secret Start # sysctl net.inet.ip.forwarding=1 # /usr/local/etc/rc.d/mpd5 start 3
Computer Center, CS, NCTU mpd - authentication mpd.secret Syntax: username password [ip_address | CIDR] userA foo1 vpnuser "hello123" "foobar" "vpn_passwd" 192.168.1.100 192.168.1.128/25 # An external password access program * "!/usr/local/bin/mpd/vpn_passwd.sh" plain text chmod 600 mpd.secret 4
Computer Center, CS, NCTU mpd - configuration (1) mpd.conf Consists of a label followed by a sequence of mpd commands A label begins at the first column and ends with a colon character Commands are indented with a tab character and follow the label on the next and subsequent lines. client: create bundle template B1 create link static L1 modem set modem device /dev/cuad0 set modem speed 115200 set modem script DialPeer set modem idle-script AnswerCall set modem var $DialPrefix "DT" set modem var $Telephone "1234567" set link no pap chap eap set link accept pap set auth authname "MyLogin" set auth password "MyPassword" set link max-redial 0 set link action bundle B1 open 5
Computer Center, CS, NCTU mpd - configuration (2) startup section Added a new startup section to the config-file, which is loaded once at startup. startup: # configure mpd console users set user foo1 bar1 # configure the console set console self 127.0.0.1 5005 set console open # configure the web server set web self 0.0.0.0 5006 set web open 6
Computer Center, CS, NCTU mpd - configuration (3) default section Set interface ip range Set bundle name Link layer configuration default: load pptp_server pptp_server: # Define dynamic IP address pool. set ippool add VPNPOOL 192.168.1.50 192.168.1.99 # Create clonable bundle template create bundle template VPN set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix # adjust incoming and outgoing TCP SYN segments (MTU) set ipcp yes vjcomp # Van Jacobson TCP header compression # Specify IP address pool for dynamic assigment. set ipcp ranges 192.168.1.1/32 ippool VPNPOOL 7
Computer Center, CS, NCTU mpd - configuration (4) default section Link layer configuration pptp_server: . (skip) # Create clonable link template named L create link template VPNLINK pptp # Set bundle template to use set link action bundle VPN # Multilink adds some overhead, but gives full 1500 MTU. set link enable multilink # Address and control field compression, save 2 bytes, # Protocol field compression, save 1 byte set link yes acfcomp protocomp set link keep-alive 10 60 # Configure PPTP set pptp self 1.2.3.4 set link enable incoming 8
Computer Center, CS, NCTU mpd - encryption Microsoft Point-to-point compression (MPPC) CCP subprotol 'mppc' option should be enabled at the CCP layer # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. set bundle enable compression set ccp yes mppc set mppc yes e40 set mppc yes e128 set mppc yes stateless 9
Computer Center, CS, NCTU mpd - configuration (5) Minimum configuration startup: default: set ippool add VPNPOOL 192.168.1.11 192.168.1.15 create bundle template NAVPN set ipcp ranges 192.168.1.1/32 ippool VPNPOOL create link template VPNLINK pptp set link action bundle NAVPN set link no pap chap eap set link enable chap-msv2 set pptp self 1.2.3.4 set link enable incoming 10
Computer Center, CS, NCTU syslog Modify /etc/syslog.conf !mpd *.* /var/log/mpd.log touch /var/log/mpd.log /etc/rc.d/syslogd reload Maybe firewall need some configuration. Allow 1723 port, and GRE packets. 11
Computer Center, CS, NCTU VPN client 12
Computer Center, CS, NCTU VPN client 13
Computer Center, CS, NCTU Reference Mpd User Manual ports: net/pptpclient http://pptpclient.sourceforge.net/ 14
